Now that's a brass plated b*tch of a problem to test manually. Problem is that the authentication is sent via HTTP headers, not as part of the url. The only tool I know of that lets you construct the complete request like that is Aman's software's webbug. (Win32, free). But you'll have to construct valid data for the header... meaning a proper crypt of the password.Burton,
Internally to ntop, however, you *can* see what's going on. Turn on (globals-defines.h) URL_DEBUG, you will get the details of the HTTP headers being received and interpreted... Here’s the initial request – note the 401 and WWW-Authenticate – that’s ntop asking for the password:
I did turn on the URL_DEBUG knob, and also changed the contents of http.c to show the crypted password.
Here is the output that I get from the debuggin now:
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP request line: GET /showURLs.html HTTP/1.1 [27]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Host: mainframe.savuti.co.za:3000 [33]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7 [95]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1 [146]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Accept-Language: en-us,en;q=0.5 [31]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Accept-Encoding: gzip,deflate [29]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 [46]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Keep-Alive: 300 [15]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Connection: keep-alive [22]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Referer: http://mainframe.savuti.co.za:3000/Admin.html [54]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Cookie: SITESERVER=ID=3dfb2ec82f0afd56bc9276aa5d370469 [54]
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: read HTTP header line: Authorization: Basic MWFkbWluOg== [33]
Feb 8 20:43:02 mainframe ntop[30504]: HTTP/I18N_URL_DEBUG: Requested URL = '/showURLs.html', length = -1
Feb 8 20:43:02 mainframe ntop[30504]: HTTP/I18N_URL_DEBUG: User-Agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007 Firebird/0.7'
Feb 8 20:43:02 mainframe ntop[30504]: HTTP/I18N_URL_DEBUG: Referer = 'http://mainframe.savuti.co.za:3000/Admin.html'
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: uri is '/showURLs.html'
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: Checking password-protect for '/showURLs.html'
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: Retrieving '2showU'
Feb 8 20:43:02 mainframe ntop[30504]: URL_DEBUG: gdbm_fetch(..., '2showU')='users=1admin'
I am not completely sure what the value "1admin" means, but I guess that it is the index in the database file and the username.
I will fiddle a bit more and see if I can maybe add both the sent password and the existing password to the debug output, and see
if they match. I am baffled here. :/
Maybe it has something to do with the fact that I set the default encryption scheme for FreeBSD to blowfish ? (ie /etc/auth.conf)
Will keep you posted. Regards Jaco _______________________________________________ Ntop-dev mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
